From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 84EEF7460C for ; Fri, 9 Jul 2021 09:25:32 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 7B4962109F for ; Fri, 9 Jul 2021 09:25:02 +0200 (CEST) Received: from mirage.deb.at (mirage.deb.at [IPv6:2001:858:10f:100::23:1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 1AAC421096 for ; Fri, 9 Jul 2021 09:25:02 +0200 (CEST) Received: from localhost (2a02-8388-22c0-1b00-b2bd-ccde-c998-d872.cable.dynamic.v6.surfer.at [IPv6:2a02:8388:22c0:1b00:b2bd:ccde:c998:d872]) by mirage.deb.at (Postfix) with ESMTPSA id 692008F8D1; Fri, 9 Jul 2021 07:25:01 +0000 (UTC) From: Rhonda D'Vine To: pve-devel@lists.proxmox.com Date: Fri, 9 Jul 2021 09:24:41 +0200 Message-Id: <20210709072441.8437-2-rhonda@deb.at> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210709072441.8437-1-rhonda@deb.at> References: <20210709072441.8437-1-rhonda@deb.at> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_PASS -0.001 SPF: HELO matches SPF record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [pve6to7.pm] X-Mailman-Approved-At: Fri, 09 Jul 2021 10:09:05 +0200 Subject: [pve-devel] [PATCH pve-manager 1/1] Only check deb sources.list entries X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jul 2021 07:25:32 -0000 The check isn't specific enough, it also catches deb-src entries and would give a false impression of security in certain circumstances, or lead to false negatives in case you have a deb-src entry for buster/updates even though you have bullseye-security in just the next line -- something that isn't that uncommon for developers. Signed-off-by: Rhonda D'Vine --- PVE/CLI/pve6to7.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PVE/CLI/pve6to7.pm b/PVE/CLI/pve6to7.pm index fb928a9c..30adcb19 100644 --- a/PVE/CLI/pve6to7.pm +++ b/PVE/CLI/pve6to7.pm @@ -1010,7 +1010,7 @@ sub check_security_repo { ($line) = split(/#/, $line); - next if $line !~ m/^deb/; # is case sensitive + next if $line !~ m/^deb[[:space:]]/; # is case sensitive my $suite; -- 2.30.2